SCAMS- Artificial Intelligence and Scams

The use of Artificial Intelligence (AI) in scams was explored by the U.S. Senate Special Committee on Aging on November 16, 2023. AI is a growing component in scams including Grandparent Scams (Family Emergency Scams) with AI audio of a loved one, Romance Scams with AI generated fake profiles, and AI-powered phishing attacks using AI powered algorithms, and personalized phishing emails.

The committee also explored, with a panel of witnesses, the need for regulation of AI scams related to cryptocurrency, consumer protections, and the need for legislation to create tools and resources that can be used by law enforcement to hold scammers accountable for their actions.

The detrimental effects of scams on victims, even those who may not have lost money, were shown in clips from constituents and the testimony of one witness as he told the story of how he almost was a victim of a Family Emergency Scam.

At one point, the committee discussed the fact that there are holes in the law that prevent scammers from being held accountable. The committee and panelists discussed alternative paths that Congress could take to craft new legislation.

The committee tries to educate the public about scams and how to avoid them. It publishes a “Fraud Book” that lists the top scams and what to look for so that you won’t become victimized. It also offers a Fraud Hotline, (800) 303-9470, that provides guidance on where to report fraud and scams. The hotline operates Monday through Friday 9am to 5pm Eastern Time.

Comment: The work of this committee is important to curb the mounting scourge of scams and fraud. Fraud is an old crime, but the use of modern technology has catapulted it into a growing crime that is rivaling other crimes in financial losses to its victims. Congress is behind in developing remedies for victims and society in controlling modern scams and fraud. Any effort to control scams and fraud should be welcomed.

The committee is a start. Its focus is on scams as they affect older Americans. Scammers do not limit their targets to the old, but also victimize the young. Any legislation that comes out of Congress needs to protect all victims, young and old.

 

 

 

 

 

C-SPAN:

Note: This video of the Senate Special Aging Hearing on Artificial Intelligence and Scams hearing held on November 16, 2023, is about an hour and thirty-five minutes (short when it comes to some congressional hearings) and is well worth viewing for the insights that the panelists provide.

https://www.c-span.org/video/?531903-1/senate-special-aging-hearing-artificial-intelligence-scams

 

U.S. Senate Special Committee on Aging:

https://www.aging.senate.gov/scam-resources

https://www.aging.senate.gov/imo/media/doc/fraud_book_2023__english.pdf

https://www.aging.senate.gov/imo/media/doc/fraud_brochure__english.pdf

 

Scamicide.com:

https://scamicide.com/

 

AARP The Perfect Scam:

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/criminals-using-ai-voice-cloning.html

 

 

 

 

 

 

SNOHOMISH COUNTY SHERIFF’S OFFICE- Holiday Safety Tips

The Snohomish County Sheriff’s Office has posted its annual holiday issue of its crime prevention newsletter “Partners in Crime Prevention.”

The number one safety tip is to not drink and drive. If you plan on drinking over the holidays, please find a friend or service to take you home.

Also, the Sheriff’s Office has tips for safe shopping and protecting your Christmas presents.

You can find the newsletter at the link below.

Happy Holidays!

 

 

Snohomish County Sheriff’s Office:

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7089

 

 

CYBERSECURITY- Update Your Software

Long passwords, using Multifactor Authentication, and detecting attempts at phishing are all important techniques to keep your online information secure. One more simple action will also help you keep your online identity and information safe. That is to update your computer, laptop/tablet, and smartphone when updates are available.

Cybercriminals work tirelessly to find vulnerabilities in software to gather information about you or your company. When software developers find out about those vulnerabilities, they plug the holes then send an update (also known as a patch) to the software’s registered users.

It’s important to install security updates as soon as possible. The sooner you update your device, the sooner you will be secure from the specific threat(s) that the update is designed to plug.

The easiest way to update your software is to turn on automatic updates in your settings for your operating system and any of the applications that you have on your device.

Some updates may require your permission to install. Give your permission as soon as possible. That way your device will be safe.

By updating your software from the source of its creation, you ensure that updates come from legitimate sources.

Updating may seem too simple, but it is as essential as long passwords, Multifactor Authentication, and blocking phishing attempts.

 

Cybersecurity & Infrastructure Security Agency:

https://www.cisa.gov/secure-our-world/update-software

https://www.cisa.gov/news-events/news/understanding-patches-and-software-updates

 

National Cybersecurity Alliance:

https://staysafeonline.org/resources/software-updates/

  

Ask Leo:

https://askleo.com/five-resolutions-holidays-new-year/

 

 

 

CYBERSECURITY- Multifactor Authentication

Using passwords to enter online accounts has been around for a long time. Using long complex passwords works against brute force attacks. But there have proven to be many attack methods for cybercriminals to use to obtain passwords. For example, phishing attacks use social engineering to trick victims into giving over their passwords. Also, your passwords can be acquired through a data breach.

So, passwords have proven to be more fragile as far as security is concerned. If a cybercriminal can trick you into giving him your password or obtain it by stealing it from a database that you have no control over, then there needs to be a different or added way to ensure that you are who you say you are.

As a result, cybersecurity professionals have come up with a new method to authenticate you as you, Multifactor Authentication (MFA). Also known as Two Factor Authentication, MFA adds a second factor to authenticate you. When you use an ID and password, you are using something that you know to give the holder of your online account. With MFA, you use either something that you have (cell phone) or something that you are (fingerprints or face) to authenticate your identity.

When you sign into your account, you enter your ID and password as usual. But then the service might send you a text message or email with a code that you enter into the sign in form. That way, the service knows that it has the right person.

But text messages and email can be intercepted. So, cybersecurity professionals have developed secure authenticator apps such as Google Authenticator and Microsoft Authenticator. With an authenticator app a code will show on the app, which you can enter the code in the dialog on your PC or laptop. The codes are short-term, lasting only 30 seconds or so. This helps ensure security, making it harder for identity thieves to break into your account.

And you don’t have to use MFA every time you log into an account. Most services will let you in without using MFA as long as you are still on the same computer or device. Some services will give you a choice between never using MFA on your current computer, using MFA periodically, or always using MFA. Based on your settings, you will only need to use MFA if you use a different computer or device, or you change your password. Some services know where you are so they may require MFA if you try to log in if you are away from home.

MFA can be circumvented. Scammers have been known to get into online accounts by fooling the victim. They may convince a victim to give over their ID and password then ask for the code if MFA is instituted. Another method is for the scammer to obtain an ID and password via a data breach or purchase on the dark web. When they try to sign into an account with MFA, the real owner of the online account receives an MFA text or MFA push notice to authenticate the sign in. The scammer might sign in multiple times to send the MFA notice, bombarding the account owner in what is called “MFA fatigue” until the owner approves the sign in request.

If you receive an MFA notification and you are not trying to log into an account, disapprove or do not fill in any information. And do not give anyone your ID and password, or MFA authentication code even if you are talking to them.

Even with the workarounds that cybercriminals may have found, MFA works to protect your online accounts. Both Microsoft and Google have announced that MFA can block up to 99% of most attacks on online accounts.

For any online account that offers it, set up MFA to protect your valuable information.

 

Norton:

https://us.norton.com/blog/emerging-threats/password-attack

 

ZDNET:

https://www.zdnet.com/article/microsoft-using-multi-factor-authentication-blocks-99-9-of-account-hacks/

 

Ask Leo:

https://askleo.com/two-factor-authentication/

 

National Cybersecurity Alliance:

https://staysafeonline.org/online-safety-privacy-basics/multi-factor-authentication/?utm_content=269329244&utm_medium=social&utm_source=twitter&hss_channel=tw-71354375&s=09

 

 Cybersecurity & Infrastructure Security Agency:

https://www.cisa.gov/secure-our-world/turn-mfa

 

Microsoft:

https://support.microsoft.com/en-us/topic/what-is-multifactor-authentication-e5e39437-121c-be60-d123-eda06bddf661

 

 

 

 

 

 

 

SCAM WARNING- Scammers Posing as Snohomish County PUD Employees

SCAM WARNING- Scammers Posing as Snohomish County PUD Employees

Snohomish County PUD is warning its customers about scammers posing as its employees. The PUD has launched a long-term project to upgrade its electric meters and water meters. Apparently, scammers are approaching homeowners and asking for payment to upgrade their meters.

The PUD says that its employees will not ask for payment for new meters. The program, called Connect Up, is free to its customers.

The PUD recommends that if someone comes to your door and claims to be from the PUD, ask to see their PUD ID. The ID should have the employee’s photo and first name. the PUD notes that employees carry PUD identification, wear PUD-branded clothing, and drive a PUD vehicle with the PUD logo.

If you are suspicious of the individual, PUD recommends that you call their customer service number, (425) 783-1000, and confirm the employee’s identity.

Scammers often impersonate utility employees. Most often the scam is delivered over the phone or via email and involves claims of delinquent accounts. This scam is novel in that the scammers are going door to door. But as with other scams, they ask for payment for a service that is free to the customer.

For more information about the scam and the Connect Up program check out the links below.

  

Snohomish County PUD:

https://www.snopud.com/pud-receiving-reports-of-metering-and-utility-scams/

 https://www.snopud.com/connect-up-delay/#:~:text=The%20PUD%E2%80%99s%20Connect%20Up%20program%20is%20an%20infrastructure,of%20new%20meters%20at%20the%20start%20of%202023.